The White House released its first Federal Cybersecurity Workforce Strategy on Tuesday as part of President Obama’s Cybersecurity National Action Plan (CNAP) and in response to the Office of Management and Budget’s (OMB) findings during the 2015 Cybersecurity Sprint (Defense Daily, Aug. 3, 2015).
The workforce strategy was partially driven by the OMB’s findings that “the supply of cybersecurity talent to meet the increasing demand of the Federal Government is simply not sufficient,” the administration said in the introduction to the strategy released by Director of the OMB Shaun Donovan, Acting Director of the U.S. Office of Personnel Management (OPM), Beth Cobert, Special Assistant to the President and Cybersecurity Coordinator Michael Daniel, and U.S. Chief Information Officer (CIO) Tony Scott.
The White House highlighted that OMB’s Cybersecurity Sprint found federal agencies’ lack of cybersecurity and IT talent is a major resource constraint impacting their ability to protection information and assets while several existing federal initiatives to address this challenge have inconsistent implementation and awareness.
This new workforce strategy establishes four major initiatives to address these concerns: expanding cybersecurity education, enhanced recruitment, improve retention and development, and identify workforce needs.
The strategy supports proposed CNAP initiatives that would invest $62 million in FY 2017 funding to expand national cybersecurity education. This includes offering competitive scholarships and covering full tuition for college and university students through the CyberCorps®: Scholarship for Service program; collaborating with academic institutions to develop guidance for cybersecurity core curriculum and allow colleges and universities to expand their course offerings; and providing program development grants to academic institutions to hire or retain professors, adopt a cybersecurity core curriculum, and strengthen their overall cybersecurity education programs.
The strategy also initiates efforts to implement a new government-wide recruitment strategy, from apprentice programs, colleges, universities, and private industries as part of a comprehensive plan. The White House highlighted this effort includes enhanced outreach to diverse cyber talent including women, minorities, and veterans. The administration plans to partner with agencies in the following months to streamline hiring practices consistent with existing statutes and to leverage current hiring authorities to quickly bring on new talent when appropriate.
The administration also said it will explore opportunities to establish a cybersecurity cadre within the Presidential Management Fellows (PMF) program that leverages the Presidential Innovation Fellows program and “other dynamic approaches for bringing top technologists and innovators into government service.” It will further explore opportunities to expand the use of new or revised pay authorities that may serve as a model for future government-wide recruitment efforts.
In order to improve cyber employee retention and development, OPM is set to work with agencies to develop cybersecurity career paths, badging and credentialing programs, rotational assignments, and foster opportunities for employees to obtain new skills and become subject matter experts in their field, the White House said. The strategy further directs the development of a government-wide cybersecurity orientation program for new cybersecurity professionals to improve information sharing and employees’ knowledge of upcoming developmental and training opportunities.
The strategy also seeks to increase the use of special pay authorities while improving training and development opportunities for both cyber and non-cyber employees.
The strategy addresses how to identify workforce needs by directing agencies to adopt a new approach to identifying their cybersecurity workforce gaps. This will use the new National Cybersecurity Workforce Framework, developed by National Initiative for Cybersecurity Education (NICE) partner agencies, which identifies 31 separate specialty areas within this workforce. The White House expects agencies to be better able to identify, recruit, assess, and hire the best candidates with cyber-related skills and abilities under this framework.
The administration highlighted it has already hired 3,000 new cybersecurity and IT professionals within the first six months of this fiscal year with these workforce changes.
“However, there is clearly more work to do, and we are committed to a plan by which agencies would hire 3,500 more individuals to fill critical cybersecurity and IT positions by January 2017,” the administration said.
“We must recognize that these changes will take time to implement, and the Workforce Strategy’s long-term success will depend on the attention, innovation, and resources from all levels of government,” the White House said.